class CommentsController < ApplicationController
before_filter :login_required

  def create
    comment = Comment.new(params[:comment])
    comment.ticket = Ticket.find(params[:ticket_id])
    comment.user = current_user
    if (current_user.groups.include? comment.ticket.group)
      if comment.save!
        flash[:notice] = "Comment added"
        redirect_to edit_ticket_path(comment.ticket)
      else
        flash[:notice] = "Comment not added"
        redirect_to edit_ticket_path(comment.ticket)
      end
    else
      redirect_to("/access_denied")    
    end
  end

  def destroy
    comment = Comment.find(params[:id])
    if (current_user.groups.include? comment.ticket.group) and (current_user.admin? or (comment.user == current_user))
      if comment.destroy
        flash[:notice] = "Comment deleted"
        redirect_to edit_ticket_path(comment.ticket.id)
      else
        flash[:notice] = "Comment not deleted"
        redirect_to edit_ticket_path(comment.ticket.id)
      end
    else
      redirect_to("/access_denied")    
    end

  end

end
